The present invention relates to a storage device used to access a storage medium such as an optical disk, magnetic disk or magneto-optical (MO),disk, in order to read and write data, and more particularly to a storage device for restricting access to a storage medium in order to ensure data security.
A known access control method for preventing theft of data written on a storage medium involves establishing a password for controlling access to the storage medium. A user gains access to the storage medium if the entered password matches the password established for the storage medium.
Referring now to FIG. 9, a flow chart is provided for explaining a known access control. When a user wants to read data from or write data to a storage medium, the user places a request for access to the storage medium on a host device which then sends the request to the storage device holding the storage medium (Step S1). Then, the storage device requests/waits entry of a password from the host device (Step S2). The storage device also reads out a password previously stored in a prescribed area of the storage medium (Step S3). When the user enters a password from the host device (Step S4), the entered password is compared with the password read from the storage medium (Step S5). In Step S6, the storage device allows access to the storage medium when the entered password matches the stored password (Step S7), and denies access to the storage medium when they do not match (Step S8).
During initialization of the storage device and medium, a password is written onto a password area, which is a space on the storage medium reserved for the password. Once a password has been set, it is common practice to periodically change the password in order to ensure security in the event that the password itself is stolen. Thus, an operation for writing a new password onto the storage medium is also required for security purposes.
While writing to a storage medium, however, a write error can occur resulting in an inability to carry out the write operation properly. This can occur when there is a loss of power to the storage device, noise, or the like. It is conceivable that a power failure could occur after the password previously written in the password area has been deleted and before a new password has been written. In such an event, no password would be written in the password area, with the result being that anyone could access the storage medium without restriction.
In addition, where noise occurs during a password write, an abnormal value could be written to the storage medium by mistake. If this occurs, the password would not be written correctly, and since once a password is written, it cannot be read by a user, even an authorized user would not be able to access the storage medium in this case. Furthermore, foreign matter that adheres to the storage medium or a scratch on the storage medium could prevent a password from being read out. Moreover, a power loss, or the like, occurring after a password has been written could prevent the verification process from being carried out properly. In these circumstances, the password write process might not terminate normally so that the password could not be read out from the password area, thus preventing password comparison. When this happens, even an authorized user would not be able to access the storage medium.
Thus, it is an object of the present invention to provide an improved storage device that can maintain control of access to a storage medium by allowing only authorized users access to the storage medium even when a write error occurs during a password write operation to the password area of the storage medium or a password becomes unreadable.
More specifically, an object of the present invention is to provide an improved storage device that can access a storage medium with a plurality of access control areas for storing access control information such as older passwords so that if the update process fails and it becomes impossible to read access control information from one access control area, access control information from another access control area can still be used to restrict access to the storage medium.
Yet another object of the present invention is to provide an improved storage device that locates and replaces defective sectors.
In one aspect of the invention, a storage device is provided for gaining access to a storage medium and for reading data from or writing data to the storage medium. The storage medium has a plurality of access control areas it for storing access control information. The storage device has an update process unit for performing a current update and includes new access control information written to a selected first access control area of the plurality of access control areas. The first access control area can be differentiated from a second access control area of the plurality of access control areas. In addition, an access control unit for controlling access to the storage medium depends on correspondence between the entered access control information and the new access control information written in the first access control area.
In another aspect of the present invention, an access control method is provided for gaining access to a storage medium that has a plurality of access control areas for storing access control information. The access control method includes writing new access information to a first access control area of the plurality of access control areas. The first access control area is differentiated from a second access control area of the plurality of access control areas. In addition, the method also includes controlling access to the storage medium depending on correspondence between the entered access control information and the new access control information written in the first access control area.